CVSS: 9.8EPSS: 14%CPEs: 33EXPL: 3CVE-2007-3011 – Fujitsu ServerView 4.50.8 - DBASCIIAccess Remote Command Execution
https://notcve.org/view.php?id=CVE-2007-3011
05 Jul 2007 — The DBAsciiAccess CGI Script in the web interface in Fujitsu-Siemens Computers ServerView before 4.50.09 allows remote attackers to execute arbitrary commands via shell metacharacters in the Servername subparameter of the ParameterList parameter. La secuencia de comandos CGI DBAsciiAccess en el interfaz Web de Fujitsu-Siemens Computers ServerView anterior a 4.50.09 permite a atacantes remotos ejecutar comandos de su elección mediante metacaracteres de consola (shell) en el subparámetro Servername del paráme... • https://www.exploit-db.com/exploits/30264 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2007-3012
https://notcve.org/view.php?id=CVE-2007-3012
05 Jul 2007 — The web interface in Fujitsu-Siemens Computers PRIMERGY BX300 Switch Blade allows remote attackers to obtain sensitive information by canceling the authentication dialog when accessing a sub-page, which still displays the form field contents of the sub-page, as demonstrated using (1) config/ip_management.htm and (2) config/snmp_config.htm. La interfaz web en Fujitsu-Siemens Computers PRIMERGY BX300 Switch Blade permite a atacantes remotos obtener información sensible cancelando el diálogo de autenticación c... • http://osvdb.org/37837 •
CVSS: 6.1EPSS: 0%CPEs: 20EXPL: 0CVE-2007-1504
https://notcve.org/view.php?id=CVE-2007-1504
19 Mar 2007 — Cross-site scripting (XSS) vulnerability in the Servlet Service in Fujitsu Interstage Application Server (IJServer) 8.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly involving web.xml and HTTP 404 and 500 status codes. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en el Servicio Servlet de Fujitsu interstage Application Server (IJServer) 8.0.2 y anteriores permite a atacantes remotos inyectar secuencias de comandos web o HT... • http://jvn.jp/jp/JVN%2383832818/index.html •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2007-1505
https://notcve.org/view.php?id=CVE-2007-1505
19 Mar 2007 — Fujitsu FENCE-Pro before V5L01, and Systemwalker Desktop Encryption V12.0L10, V12.0L10A, V12.0L10B, V12.0L20 and V13.0.0 allows local users to obtain sensitive information by extracting the decoding password from certain "self-decoding" file types. Fujitsu FENCE-Pro versiones anteriores a V5L01, y Systemwalker Desktop Encryption versiones V12.0L10, V12.0L10A, V12.0L10B, V12.0L20 y V13.0.0, permite a usuarios locales obtener información confidencial extrayendo la contraseña de descodificación de ciertos tipo... • http://jvn.jp/jp/JVN%2319795972/index.html •
CVSS: 7.5EPSS: 1%CPEs: 3EXPL: 0CVE-2006-3578
https://notcve.org/view.php?id=CVE-2006-3578
13 Jul 2006 — Directory traversal vulnerability in Fujitsu ServerView 2.50 up to 3.60L98 and 4.10L11 up to 4.11L81 allows remote attackers to read arbitrary files via unspecified vectors. Vulnerabilidad de salto de directorio en Fujitsu ServerView 2.50 hasta el 3.60L98 y 4.10L11 hasta el 4.11L81 permite a atacantes remotos leer archivos de su elección a través de vectores no especificados. • http://jvn.jp/jp/JVN%2373368472/index.html •
CVSS: 6.1EPSS: 0%CPEs: 4EXPL: 0CVE-2006-3579
https://notcve.org/view.php?id=CVE-2006-3579
13 Jul 2006 — Cross-site scripting (XSS) vulnerability in Fujitsu ServerView 2.50 up to 3.60L98 and 4.10L11 up to 4.11L81 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de secuencia de comandos en sitios cruzados (XSS) en Fujitsu ServerView 2.50 hasta la 3.60L98 y 4.10L11 hasta la 4.11L81 permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de vectores no especificados. • http://jvn.jp/jp/JVN%2373368472/index.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 0CVE-2006-2517
https://notcve.org/view.php?id=CVE-2006-2517
22 May 2006 — SQL injection vulnerability in MyWeb Portal Office, Standard Edition, Public Edition, Medical Edition, Citizen Edition, School Edition, and Light Edition allows remote attackers to execute arbitrary SQL commands via unknown attack vectors. • http://secunia.com/advisories/20178 •
CVSS: 7.5EPSS: 1%CPEs: 4EXPL: 0CVE-2006-2240
https://notcve.org/view.php?id=CVE-2006-2240
09 May 2006 — Unspecified vulnerability in the (1) web cache or (2) web proxy in Fujitsu NetShelter/FW allows remote attackers to cause a denial of service (device unresponsiveness) via certain DNS packets, as demonstrated by the OUSPG PROTOS DNS test suite. • http://secunia.com/advisories/19894 •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1CVE-2003-1528
https://notcve.org/view.php?id=CVE-2003-1528
31 Dec 2003 — nsr_shutdown in Fujitsu Siemens NetWorker 6.0 allows local users to overwrite arbitrary files via a symlink attack on the nsrsh[PID] temporary file. • http://securityreason.com/securityalert/3353 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.5EPSS: 2%CPEs: 32EXPL: 0CVE-2002-2212
https://notcve.org/view.php?id=CVE-2002-2212
31 Dec 2002 — The DNS resolver in unspecified versions of Fujitsu UXP/V, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods. • http://www.imconf.net/imw-2002/imw2002-papers/198.pdf •